I am trying to create a public key whose x starts with "34" and is followed by the minimum number n such that the concatenation of "34" and n is the x of a valid point (x, y) on the elliptic curve secp256k1. Submit the concatenation of 04, x and y in hexadecimal form. This is a valid bitcoin public key, the corresponding secret key of which is not known by anyone.

I was told that the minimum number is 0.

My understanding is that the answer is supposed to be like this: '0434' + hex(n) + y_value.
I am not sure how to approach this.

Is it true that x-coordinate is supposed to be 32 bytes and y coordinate 32 bytes too?

Is it true that each coordinate is represented in hex mode of 64 chars?

1 Answer
1

That is correct. 0x3400000000000000000000000000000000000000000000000000000000000000 is a valid x-coordinate on secp256k1.

My understanding is that the answer is supposed to be like this: '0434' + hex(n) + y_value. I am not sure how to approach this

That is also correct. However, you will have two y-coordinates. One even and one odd and hence two uncompressed public keys. That is the reason why we append a prefix to the x-coordinate to tell us whether the y-coordinate associated with that x-coordinate is even or odd.

Is it true that x-coordinate is supposed to be 32 bytes and y coordinate 32 bytes too?

That is the maximum size. It can be below that as well.

Is it true that each coordinate is represented in hex mode of 64 chars?

Related to to above. One byte representation needs two hexadecimal characters.

Thank you very much for your reply! Your code produces the same keys as mine though. And if x can be less than 32 bytes then is x=0x320 a valid point on the curve? I tried that too but it is not still the correct answer.
– Δήμητρα ΓεωργίουJul 24 at 20:08

@ΔήμητραΓεωργίου Yes, x can be less than 32 bytes. However, not all points are members of the secp256k1 curve. For example, 0x32 is not a valid x-coordinate but 0x320 is. In most programs (including the one I pasted above), you will need to pad the public key hexadecimal to 32 bytes. Also what do you mean by correct answer?
– Ugam KamatJul 25 at 5:15

Thank you again! My professor does not accept '0434000000000000000000000000000000000000000000000000000000000000009d143cafb07ae7ea8025f44c9cf201dc34e4cc71003869b81cca00e0844d16f4' or '04340000000000000000000000000000000000000000000000000000000000000062ebc3504f8518157fda0bb3630dfe23cb1b338effc79647e335ff1e7bb2e53b' as correct answers. Maybe this is what you say now: "pad the public key hexadecimal to 32 bytes". Could you please explain what you mean? I have really lost my mind over this.
– Δήμητρα ΓεωργίουJul 25 at 6:19

@ΔήμητραΓεωργίου Hey, so both the keys that you mentioned are valid points on the secp256k1 curve and as such are valid Bitcoin public keys. disregard the padding, it was related to something else that might just confuse you.
– Ugam KamatJul 25 at 6:28

Ok! Do you you know what is the answer to the above problem because I still don't know. Thank you again!
– Δήμητρα ΓεωργίουJul 25 at 6:33